The decline in VC funding for cybersecurity startups might finally be reversing course after months of discouraging trend lines.
Recently, Crunchbase reported that cybersecurity startups raised nearly $1.9 billion through 153 deals in Q3 — a 12% increase from the $1.7 billion raised across 181 deals in the previous quarter.
There’s anecdotal evidence of a turnaround, to be sure. Today, Graylog, a Houston-based company that develops tools to help detect, analyze and respond to digital security threats, announced that it raised $39 million in a funding round co-led by Silver Lake Waterman, Piper Sandler Merchant Banking and Harbert Growth Partners.
That “$39 million” figure is a little misleading, however. Only $9 million of the tranche was equity — an extension of Graylog’s $18 million Series C round that closed in June 2021. The rest — $30 million — is in the form of what Graylog CEO Andy Grolnick is calling a “flex debt” facility.
“Given that Graylog is close to being cash-flow positive, the blend of equity and debt enables the company to continue its strong trajectory and bridge to profitability while minimizing dilution for investors and employees,” Grolnick said. “While Graylog is not disclosing valuation, the recent round represents a solid increase from the prior round.”
Graylog has its roots in an open source project launched in 2009 by Lennart Koopman, a software engineer, who at the time was seeking to create a better way to manage and analyze machine log data. Koopman eventually commercialized the open source project to found Graylog the company, which hired Grolnick as CEO in late 2020.
Graylog’s original product suite, which it still offers, focuses on collecting, storing and analyzing log data for IT troubleshooting and error detection. But through a combination of acquisitions and in-house R&D, the company recently branched into cybersecurity, rolling out products — Graylog API Security and Graylog Security — for API threat monitoring, security analytics, incident investigation and anomaly detection capabilities.
Grolnick claims that Graylog Security, launched in May 2022, now represents over 50% of Graylog’s net new customer sales.
“We’ve seen our business thrive lately as our value proposition has resonated with organizations looking for security solutions that are as effective in detecting threats as they are in managing costs,” Grolnick added. “This has allowed us to overcome some of the macro challenges facing tech companies over the last year.”
Graylog’s competitors in the over $4.1 billion log management segment span Splunk, Elastic and Sumo Logic, as well as newer entrants like Coralogix, Logz.io and Crowdstrike-owned Humio. But Grolnick asserts that Graylog has momentum on its side.
Graylog’s paid and open source tools now serve more than 200,000 users across over 50,000 installations, he says. And among the company’s client base are large defense customers like the U.S. Army, the U.S. Air Force, Lockheed Martin and SAIC.
Grolnick expects 110-employee Graylog, which saw new bookings grow 67% in Q3 year-over-year, to be cash flow positive in the second half of 2024.
“The time was good to raise capital for a couple of reasons,” he said. “First, we wanted to take advantage of the opportunity to build market share in an environment where we were seeing our growth accelerate … Second, given our current trajectory, we had strong interest from both existing and new investors which made the process relatively smooth. The new funds will be used to drive growth and bridge to profitability. With the new capital, key growth investments are being made in product development, global sales and channel expansion and customer success.”